Error in your logic, here... AV software is *never* perfectly up-to-date on all bits of malware all the time. Something is always missed, and sometimes for a very long time, no matter how good the AV software is.
Kurt On Thu, Oct 22, 2009 at 19:52, Carl Houseman <[email protected]> wrote: > Try to employ some logic here. > > Q: Why does a realtime scan not find something? > A: Because the file is never accessed. > > If the answer above is NOT the answer, then the realtime scanner is broken > and that AV product should be abandoned. > > Q: When does a realtime scanner identify malware? > A: When it's accessed by the operating system. > > Q: What does a malware file that's never accessed do to a system? > A: Use up free space on the hard drive. Nothing more. > > Scheduled scans are limited to signature-based identification, and as we all > know, signature detection has largely been defeated of late. The name of the > game is preventing dangerous execution behaviors, and that kind of detection > and prevention is part of realtime detection mechanisms. As realtime > scanners evolve and improve, they will find malware that scheduled scans miss. > > Carl > > -----Original Message----- > From: Kurt Buff [mailto:[email protected]] > Sent: Thursday, October 22, 2009 10:31 PM > To: NT System Admin Issues > Subject: Re: User who doesn't like logging off / shutting down > > On Thu, Oct 22, 2009 at 19:21, Carl Houseman <[email protected]> wrote: >> What's the answer to my question? (highlighted below in case you missed it) > > The answer is: I don't know, but the VIPRE realtime scans aren't > catching what the scheduled scans are catching. > >> Here's another: How dangerous is a malware file that resides on a hard >> drive and is never accessed? > > As dangerous as the next click or carriage return, or File/Open operation. > > Kurt > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
